End-to-End Principle Brad Karp UCL Computer Science CS 6007/GC15/GA07 25 th February, 2009.

Slides:

Advertisements

Similar presentations

End-to-End Arguments in System Design

Advertisements

The End-to-End Principle Anthony D. Joseph Joe Hellerstein CS262a November 28, 2001.

Layering and the network layer CS168, Fall 2014 Sylvia Ratnasamy

COS 461 Fall 1997 Routing COS 461 Fall 1997 Typical Structure.

6.033: Intro to Computer Networks Layering & Routing Dina Katabi & Sam Madden Some slides are contributed by N. McKewon, J. Rexford, I. Stoica.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

IS333, Ch. 26: TCP Victor Norman Calvin College 1.

U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts Amherst Operating Systems CMPSCI 377 Lecture.

End-to-End Arguments in System Design J.H. Saltzer, D.P. Reed and D.D Clark M.I.T. Laboratory for Computer Science Presented by Jimmy Pierce.

An End-to-End Approach to Globally Scalable Network Storage Presented in cs294-4 P2P Systems by Sailesh Krishnamurthy 15 October 2003.

Network Layer and Transport Layer.

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.

G Robert Grimm New York University Pulling Back: How to Go about Your Own System Project?

CS335 Principles of Multimedia Systems Multimedia Over IP Networks -- I Hao Jiang Computer Science Department Boston College Nov. 6, 2007.

End-To-End Arguments in System Design J.H. Saltzer, D.P. Reed, and D. Clark Presented by: Ryan Huebsch CS294-4 P2P Systems – 9/29/03.

EE 4272Spring, 2003 Protocols & Architecture A Protocol Architecture is the layered structure of hardware & software that supports the exchange of data.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

G Robert Grimm New York University Pulling Back: How to Go about Your Own System Project?

CS335 Networking & Network Administration Tuesday, April 20, 2010.

Fundamentals of Computer Networks ECE 478/578 Lecture #2 Instructor: Loukas Lazos Dept of Electrical and Computer Engineering University of Arizona.

What Can IP Do? Deliver datagrams to hosts – The IP address in a datagram header identify a host IP treats a computer as an endpoint of communication Best.

1 CS 640: Introduction to Computer Networks Aditya Akella Lecture 1 Introduction

J.H.Saltzer, D.P.Reed, C.C.Clark End-to-End Arguments in System Design Reading Group 19/11/03 Torsten Ackemann.

Feb 20, 2001CSCI {4,6}900: Ubiquitous Computing1 Announcements.

EPL606 Topic 1 Introduction Part B - Design Considerations 1 The majority of the slides in this course are adapted from the accompanying slides to the.

Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012.

What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Introduction to Networks CS587x Lecture 1 Department of Computer Science Iowa State University.

CS332, Ch. 26: TCP Victor Norman Calvin College 1.

Fundamentals of Computer Networks ECE 478/578 Lecture #19: Transport Layer Instructor: Loukas Lazos Dept of Electrical and Computer Engineering University.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Network Security Lecture 20 Presented by: Dr. Munam Ali Shah.

Chapter 15 – Part 2 Networks The Internal Operating System The Architecture of Computer Hardware and Systems Software: An Information Technology Approach.

Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First.

Computer Security Workshops Networking 101. Reasons To Know Networking In Regard to Computer Security To understand the flow of information on the Internet.

OS Services And Networking Support Juan Wang Qi Pan Department of Computer Science Southeastern University August 1999.

SSL/TLS How to send your credit card number securely over the internet.

End-To-End Arguments in System Design J.H. Saltzer, D.P. Reed, and D. Clark Presented by: Amit Mondal.

1 ECE453 - Introduction to Computer Networks Lecture 1: Introduction.

ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.

Protocol Layering Chapter 11.

CS551: End to End Argument Saltzer88 Christos Papadopoulos (

END-TO-END Arguments in System Design END-TO-END Arguments in System Design J. SaltzerD. Reed D. Clark M.I.T. Laboratory, 1981 Presented By Mohammad Malli.

End-to-End Arguments in System Design CSCI 634, Fall 2010.

Jan.19 th, 2007Seminar In Networks End-To-End Arguments in System Design Ayodele Onibokun Seminar In Networks Jan. 19 th, 2007.

CS533 - Concepts of Operating Systems End-to-End Arguments in System Design Presentation by David Florey.

IP1 The Underlying Technologies. What is inside the Internet? Or What are the key underlying technologies that make it work so successfully? –Packet Switching.

IT 424 Networks2 IT 424 Networks2 Ack.: Slides are adapted from the slides of the book: “Computer Networking” – J. Kurose, K. Ross Chapter 3: Transport.

Confidentiality using Conventional Encryption Chapter 5.

Tunneling Continued/ End-to-End Principle CS 4251: Computer Networking II Nick Feamster Spring 2008.

@Yuan Xue CS 285 Network Security Fall 2012 Yuan Xue.

2: Transport Layer 11 Transport Layer 1. 2: Transport Layer 12 Part 2: Transport Layer Chapter goals: r understand principles behind transport layer services:

Introduction1-1 Data Communications and Computer Networks Chapter 1 CS 3830 Lecture 3 Omar Meqdadi Department of Computer Science and Software Engineering.

FIREWALLS An Important Component in Computer Systems Security By: Bao Ming Soh.

UDP: User Datagram Protocol. What Can IP Do? Deliver datagrams to hosts – The IP address in a datagram header identify a host – treats a computer as an.

أمن المعلومات لـ أ. عبدالرحمن محجوب حمد mtc.edu.sd أمن المعلومات Information Security أمن المعلومات Information Security  أ. عبدالرحمن محجوب  Lec (5)

David Wetherall Spring 2000

Presented by Muhammad Abu Saqer

Computer Data Security & Privacy

Reliable Transport I: Concepts

End-to-End Transport Over Wireless I: Preliminaries, Split Connection

Packet Sniffing.

Lecture # 7 Firewalls الجدر النارية. Lecture # 7 Firewalls الجدر النارية.

File Transfer Issues with TCP Acceleration with FileCatalyst

Beyond FTP & hard drives: Accelerating LAN file transfers

CSE 542: Operating Systems

CSE 542: Operating Systems

Announcements You need to register separately for the class mailing list and online paper review system. Do it now so that we can work out any “bugs”.

Presentation transcript:

End-to-End Principle Brad Karp UCL Computer Science CS 6007/GC15/GA07 25 th February, 2009

2 Motivation: End-to-End Argument 7 layers in OSI model 7 places to solve many of same problems: –In-order delivery –Duplicate-free delivery –Reliable delivery (retransmission) after corruption or loss –Encryption –Authentication In which layer(s) should a particular function be implemented?

3 Example: Careful File Transfer Goal: accurately copy file on A’s disk to B’s disk Straw man: –Read file from A’s disk –A sends stream of packets containing file data to B –Link-layer retransmission of lost/corrupted packets at each hop –B writes file data to disk Does this system meet design goal? –Bit errors on links not a problem AR1R2R3R4B data LL ACKs

4 Where Can Errors Happen? On A’s or B’s disk In A’s or B’s RAM or CPU In A’s or B’s software In the RAM, CPU, or software of any router that forwards packet (MIT example!) Why might errors be likely? –Drive for CPU speed and storage density: pushes hardware to EE limits, engineered to tight tolerances –e.g., today’s disks return data that are the output of an MLE!

5 Solution: End-to-End Verification A stores checksum with data on disk –Why not compute freshly on read? B computes checksum over received data, sends to A (or vice-versa) Compare two checksums; A resends if not identical Can we eliminate hop-by-hop error detection? –Suppose there’s a router with bad RAM; how will you find it? Is a whole-file checksum enough? –Poor performance: must resend whole file each time one packet (bit) corrupted!

6 End-to-End Principle Only application at communication endpoints can completely and correctly implement a function Processing in middle alone cannot provide function Processing in middle may, however, be important performance optimization Engineering middle hops to provide guaranteed functionality often wasteful of effort and inefficient

7 Perils of Low-Layer Implementation Entangles application behavior with network internals Suppose each IP router reliably transmits to next hop –lossless delivery, variable delay –ftp: OK, move huge file reliably (just end-to-end TCP works fine, too, though) –Skype: terrible, jitter packets when a few corruptions or drops not a problem anyway Complicates deployment of innovative applications –phone network vs. Internet

8 Advantages of Low-Layer Implementation Each application author needn’t recode a shared function Overlapping error checks (e.g., checksums) at all layers invaluable in debugging and fault diagnosis If end systems not cooperative (increasingly the case), only way to enforce resource allocation!

9 Challenge: End-to-End Authentication and Encryption Use a public PC to check your using IMAP & SSL –Authenticates server to you and you to server robustly –Encrypts between you robustly Key security consideration: threat model –which attacks are you explicitly defending against? –which are you ignoring? –what does it cost your adversary to mount an attack? What are you trusting? –mail reading application (could be trojaned) –OS (could also be trojaned) –hardware (e.g., "fake ATM" cases) End-to-end notion of security must consider integrity of software and hardware at endpoints, possibly even of users!

10 End-to-End Violation: Firewalls Box in middle of network that blocks “malicious” traffic –End-host software often vulnerable to worms –Users naive, may not keep desktop patched up-to-date Clearly violates e2e principle –Endpoints capable of deciding what traffic to ignore –Firewall entangled with design of network and higher protocol layers and apps, and vice-versa –Example: new ECN bit to improve TCP congestion control; many firewalls filtered all such packets! Probably need firewalls But beware entangling network edge and network interior Our network X Firewall Internet

11 Summary: End-to-End Principle Many functions must be implemented at application endpoints to provide desired behavior, even if implemented in “middle” of network End-to-end approach decouples design of components in network interior from design of applications at edges Some functions still benefit from implementation in network interior; at cost of entangling interior and core –Performance (e.g., link-layer retransmission) –Security (e.g., firewalls) –Scalability (e.g., routing) End-to-end principle is not sacred; it’s a way to think critically about design choices in communication systems